dev.cocore.compute.job

cocore.dev

Documentation

main record

No description available.

Record Key tid Timestamp-based ID

Properties

acceptedExchanges array of string did Optional

Exchange DIDs allowed to settle this job. MUST be non-empty in practice; the named paymentAuthorization MUST cover one of these.

maxLength: 16 items
acceptedProviders array of string did Optional

Specific provider DIDs allowed to serve this job. Empty/absent means any provider that meets acceptedTrustLevel.

maxLength: 64 items
createdAt string datetime Required

An RFC 3339 formatted timestamp.

expiresAt string datetime Required

Provider must complete by this time. Receipts whose completedAt > expiresAt are invalid.

inputCipherURL string uri Optional

Optional URL where the encrypted prompt blob can be fetched. May be a PDS blob (at://...) or any other content-addressed URL. The commitment is what matters; this is a convenience pointer.

inputCommitment string Required

SHA-256 hex over the SEALED input plaintext bytes the provider decrypts — i.e. the exact bytes both the requester (before sealing) and the provider (after opening) hash, so it is self-consistent without either side parsing the payload. The plaintext is never on-chain. The byte layout is described by `inputFormat`: absent/`text` means the bytes are the raw prompt string; `messages-v1` means they are the UTF-8 of the canonical multimodal envelope (see `inputFormat`).

maxLength: 64 bytesminLength: 64 bytes
inputFormat string Optional

How to interpret the sealed input bytes that `inputCommitment` covers. Absent (legacy) or `text`: the bytes are the raw prompt string. `messages-v1`: the bytes are the UTF-8 of a canonical-JSON multimodal envelope { v: 1, messages: [ { role, content } ] }, where `content` is either a string or an array of parts — { type: "text", text } and { type: "image", mime, data } with `data` base64-encoded image bytes inline. A verifier reconstructs the same canonical bytes to recompute `inputCommitment`. Additive: providers that don't understand a format reject the job rather than mis-serving it.

Known values: text, messages-v1
maxTokensOut integer Required

No description available.

minimum: 1maximum: 2000000
model string Required

Opaque model identifier the requester wants the provider to honor.

maxLength: 256 bytes
nonce string Required

16 random bytes, hex-encoded. Replay protection.

maxLength: 32 bytesminLength: 32 bytes
paymentAuthorization ref com.atproto.repo.strongRef Required

Strong-ref to a dev.cocore.compute.paymentAuthorization record in the same repo, naming an exchange and a ceiling >= this job's priceCeiling.

priceCeiling ref dev.cocore.compute.defs#money Required

Maximum price the requester will accept for this job. The provider's receipt MUST list a price <= this ceiling, else the receipt is invalid.

View raw schema
{
  "key": "tid",
  "type": "record",
  "record": {
    "type": "object",
    "required": [
      "model",
      "inputCommitment",
      "maxTokensOut",
      "priceCeiling",
      "acceptedTrustLevel",
      "paymentAuthorization",
      "nonce",
      "expiresAt",
      "createdAt"
    ],
    "properties": {
      "model": {
        "type": "string",
        "maxLength": 256,
        "description": "Opaque model identifier the requester wants the provider to honor."
      },
      "nonce": {
        "type": "string",
        "maxLength": 32,
        "minLength": 32,
        "description": "16 random bytes, hex-encoded. Replay protection."
      },
      "createdAt": {
        "type": "string",
        "format": "datetime"
      },
      "expiresAt": {
        "type": "string",
        "format": "datetime",
        "description": "Provider must complete by this time. Receipts whose completedAt > expiresAt are invalid."
      },
      "inputFormat": {
        "type": "string",
        "description": "How to interpret the sealed input bytes that `inputCommitment` covers. Absent (legacy) or `text`: the bytes are the raw prompt string. `messages-v1`: the bytes are the UTF-8 of a canonical-JSON multimodal envelope { v: 1, messages: [ { role, content } ] }, where `content` is either a string or an array of parts — { type: \"text\", text } and { type: \"image\", mime, data } with `data` base64-encoded image bytes inline. A verifier reconstructs the same canonical bytes to recompute `inputCommitment`. Additive: providers that don't understand a format reject the job rather than mis-serving it.",
        "knownValues": [
          "text",
          "messages-v1"
        ]
      },
      "maxTokensOut": {
        "type": "integer",
        "maximum": 2000000,
        "minimum": 1
      },
      "priceCeiling": {
        "ref": "dev.cocore.compute.defs#money",
        "type": "ref",
        "description": "Maximum price the requester will accept for this job. The provider's receipt MUST list a price <= this ceiling, else the receipt is invalid."
      },
      "inputCipherURL": {
        "type": "string",
        "format": "uri",
        "description": "Optional URL where the encrypted prompt blob can be fetched. May be a PDS blob (at://...) or any other content-addressed URL. The commitment is what matters; this is a convenience pointer."
      },
      "inputCommitment": {
        "type": "string",
        "maxLength": 64,
        "minLength": 64,
        "description": "SHA-256 hex over the SEALED input plaintext bytes the provider decrypts — i.e. the exact bytes both the requester (before sealing) and the provider (after opening) hash, so it is self-consistent without either side parsing the payload. The plaintext is never on-chain. The byte layout is described by `inputFormat`: absent/`text` means the bytes are the raw prompt string; `messages-v1` means they are the UTF-8 of the canonical multimodal envelope (see `inputFormat`)."
      },
      "acceptedExchanges": {
        "type": "array",
        "items": {
          "type": "string",
          "format": "did"
        },
        "maxLength": 16,
        "description": "Exchange DIDs allowed to settle this job. MUST be non-empty in practice; the named paymentAuthorization MUST cover one of these."
      },
      "acceptedProviders": {
        "type": "array",
        "items": {
          "type": "string",
          "format": "did"
        },
        "maxLength": 64,
        "description": "Specific provider DIDs allowed to serve this job. Empty/absent means any provider that meets acceptedTrustLevel."
      },
      "acceptedTrustLevel": {
        "ref": "dev.cocore.compute.defs#trustLevel",
        "type": "ref",
        "description": "Minimum trust level the requester will accept from a provider serving this job."
      },
      "paymentAuthorization": {
        "ref": "com.atproto.repo.strongRef",
        "type": "ref",
        "description": "Strong-ref to a dev.cocore.compute.paymentAuthorization record in the same repo, naming an exchange and a ceiling >= this job's priceCeiling."
      }
    }
  }
}

Lexicon Garden

@